Multiple Realms in Apache mod_auth_kerb

Reto Schubnell reto_schubnell at
Thu Sep 25 09:23:19 EDT 2008

 I have a problem to get my apache to work with 2 Domains test1 and test2 with kerberos The Site should be accessible by users in both domains. Is there a trust needed between the domains ? ( I can't do a trust between the domains for securiy reasons ) 
 What steps are needed to get this work ? 
kerberos.conf in apache 
 <Directory /> 
         Options FollowSymLinks 
         AllowOverride None 
         AuthType Kerberos 
         AuthName "Kerberos Login" 
         KrbMethodNegotiate On 
         KrbMethodK5Passwd Off 
         KrbAuthoritative On 
         KrbVerifyKDC On 
         KrbAuthRealms TEST1.LOCAL TEST2.LOCAL 
         Krb5KeyTab /etc/apache2/test.keytab 
         require valid-user 
         TEST1.LOCAL = { 
                 kdc = kdc.test1.local 
                admin_server = kdc.test1.local 
         TEST2.LOCAL = { 
               kdc = kdc.test2.local 
               admin_server = kdc.test2.local 
Connect to the next generation of MSN Messenger

More information about the Kerberos mailing list